Things I have no choice but to write

Month: October 2024

Largest US Water Utility Hacked: American Water

(Full List of Water System Cybersecurity Stories | Cybersecurity and Valley Water)

It has happened again. Another water utility has been hacked. A number of sources (CNBC, CBS, CNN) have reported that the nation’s largest water utility, American Water has been hacked. American Water manages more than 500 water and wastewater systems in about 1,700 communities across at least 14 states, including California.

American Water has announced it is back online. Further, American Water says it has no indication that its water and wastewater facilities were impacted by this incident. It also says that water quality was not affected.

The attack was first reported in an 8K filing with the SEC on October 3rd. American Water appeared to recover by October 10th, according to a statement released by the company.

The attack appeared to cause network outages, rendering both American Water’s billing portal, MyWater, and its internal phone network inoperative, according to cyberSecurity publication Dark Reading.

This is by no means the first attack on a water system this year. As has been written about on this site, there have been attacks in Texas, Hawaii, Kansas, and Pennsylvania. Moreover, there have been new cybersecurity guidelines issued for water systems by DHS, and more security called for by the EPA.

Valley Water needs a Director who understands the nature of the cybersecurity threat. Bill Roth is that candidate who brings years of experience in both technology and cybersecurity, and can ask the right questions to ensure our water systems remain safe.

For more information, check out Fast Facts about Bill Roth.

Kansas Water Facility Suffers Ransomware Attack

The Threat Continues…

PC Magazine is reporting that a Kansas City Water utility has been the victim of a ransomware attack. The water treatment facility in Arkansas City, Kansas, came under attack and had to resort to “manual operations.”

Ransomware is a type of malicious software that encrypts a victim’s data, rendering it inaccessible. Cyber-criminals, often from Russia and North Korea, then demand a ransom, typically in cryptocurrency, to restore access. These attacks target individuals, businesses, and government agencies, often crippling operations. Victims face tough decisions: pay the ransom with no guarantee of data recovery or risk permanent data loss. Ransomware has become an increasingly common.

Why is this serious? Consider what would happen during a storm where Lexington Dam could not open its floodgates in time, causing the dam to be over-topped. This would cause serious damage to the dam and to the towns in the path of the flood, like Los Gatos, Campbell, and San José.

Topics related to cyber-security have only shown up in the agenda and minutes of Santa Clara Valley Water Board of Directors twice in the last 5 years. More needs to be done. The water agency for Silicon Valley needs a board member who understands the threat, and can advocate for the resources to deal with it.

Bill Roth is that candidate. For more information check out more articles on cybersecurity.

To keep up to date on the campaign, subscribe below.

© 2025 Bill Roth

Theme by Anders NorenUp ↑